As the fallout from the Cambridge Analytica/Facebook scandal continues to grow, it’s fascinating to see the different interpretations across social media and in the press. Some people are genuinely shocked that so much personal data was being shared without users’ informed consent. Others, perhaps those more in the know, don’t see this as a scandal about one company or platform. They argue it’s the business model of many of the tech giants to share and monetise data about their users, and it has been since day one.
To me what’s even more interesting is the lack of engagement in the debate from charities. Maybe they think these issues don’t concern them (they do), or maybe their techier teams are preoccupied with GDPR compliance. Whatever it is, charities don’t seem to have much to say on the issue.
Which is odd, because charities are data organisations just as much as anyone else—they can’t deliver on their missions unless they collect, analyse, and use personal data about their beneficiaries .
Given this, you’d think charities would be on the front foot—making the case that they above all can be trusted with your personal data, and setting an example for the tech companies to follow. But they’re not part of the debate.
When the Omidyar Network published international research on people’s trust in organisations handling their data, the research only looked at trust in private and public sector organisations. Considering they are a philanthropic investment firm, this reflects a general lack of visibility of charities and NGOs in the data debate.
There are pioneers pushing the debate—anyone interested should check out the Responsible Data movement, and handbook in particular. There is also some research on trust in charities around data, like this Ipsos MORI study for the Royal Statistical Society. But charities in general seem to be very firmly on the back foot, if they take any stance at all.
I believe that charities have a great deal to say about people’s data, and it grows from our values, principles, governance and experience. My colleague Tracey Gyateng (who’s heading off to DataKind UK to be their Data Science Manager) argues charities should say “We do great stuff with your data”, and I totally agree.
We should let people know we collect data to make sure our services best meet their needs, build on their strengths, and reflect their context. We analyse data to ensure our services are effective and so we can improve them. We share data to connect people with other organisations that can help them. We ask for feedback so we can learn and improve.
Underwriting all this is transparency and integrity. We should be holding ourselves accountable to our beneficiaries as well as our donors and supporters. They should understand why we need their data, what we do with it, and how they can find out more.
And of course, they should be confident we won’t sell their data.
The last one seems obvious, but it might be more complicated than it appears. If charities collect data about beneficiaries, in order to produce glossy marketing and impact reports, in order to raise money, you can argue that selling data is exactly what we do.
That’s why it’s so critical we show the data we have delivers real impact for the people we exist to serve. NPC is working with a group of partners to develop a Personal Data Charter for charities to try to capture how we do great stuff with your data. We hope to help charities imbue their handling of personal data with the values and principles that govern their work and mission.
If we can do that, and help charities hold ourselves to the highest standards, we hope the sector will have a voice in the wider debates about people’s data—setting an example for others to follow and showing how organisations can really earn the trust of the people whose data they want and need.
The current scandal, congressional hearings included, is just the tip of the iceberg. This debate is not going away. I hope charities step up, and start to contribute from their perspective, how to build trust among customers, citizens and beneficiaries.